Finally sat down and set up Gentoo to load the tunnel on bootup instead of me having to use a script each time.
You will need to emerge iproute2.
/etc/conf.d/net
# using IProute2 method, makes it easier :)
modules=( "iproute2" )
...
iptunnel_he6="mode sit remote 216.66.80.26 local 81.2.189.182 ttl 255 dev eth0"
depend_he6="net.eth0"
config_he6=( "2001:470:1f08:697::2/64" )
routes_he6=( "default via 2001:470:1f08:697::1 dev he6" )
I trimmed out how to set up eth0 and other non-relevant lines. See /etc/conf.d/net.example and look for iproute2 if you need help on those interfaces.
You also will want to "ln -s net.lo net.he6" in /etc/init.d/, and also add it to bootup
Here's my setup, very similar to mindlesstux's:
/etc/conf.d/net (make sure you have iproute2 installed [emerge iproute2], since this config depends on it):
# Ethernet config
# Add our IPv4 address and HE assigned IPv6 address
config_eth0=(
"192.168.0.4/24"
"2001:db8:beef::1/64"
)
routes_eth0=( "default via 192.168.0.1" )
# Hurricane Electric ipv6 6in4 tunnel config
# make sure our ethernet interface is up first
RC_NEED_he6="net.eth0"
# tunnel setup
iptunnel_he6=(
"mode sit remote 72.52.104.74 local 192.168.0.4 ttl 255 dev eth0"
)
# set the MTU
mtu_he6="1280"
# set the IPv6 address for our side of the tunnel interface
config_he6=( "2001:db8:1234:567::2/64" )
# add the default route for IPv6 traffic through the tunnel
routes_he6=( "default via 2001:db8:1234:567::1 dev he6" )
To make the interface come up during boot:
ln -s /etc/init.d/net.lo /etc/init.d/net.he6
rc-update add net.he6 default
Output of various commands after setup:
{root@gtoobox/pts/3}~# ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:50:da:53:65:64
inet addr:192.168.0.4 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: 2001:db8:beef::1/64 Scope:Global
inet6 addr: fe80::250:daff:fe53:6564/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:19184246 errors:0 dropped:0 overruns:0 frame:0
TX packets:31357595 errors:0 dropped:0 overruns:0 carrier:4
collisions:0 txqueuelen:1000
RX bytes:2250820247 (2.0 GiB) TX bytes:3264704922 (3.0 GiB)
Interrupt:3 Base address:0x300
he6 Link encap:IPv6-in-IPv4
inet6 addr: 2001:db8:1234:567::2/64 Scope:Global
inet6 addr: fe80::c0a8:4/128 Scope:Link
UP POINTOPOINT RUNNING NOARP MTU:1280 Metric:1
RX packets:162 errors:0 dropped:0 overruns:0 frame:0
TX packets:146 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:88515 (86.4 KiB) TX bytes:19424 (18.9 KiB)
{root@gtoobox/pts/3}~# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link/ether 00:50:da:53:65:64 brd ff:ff:ff:ff:ff:ff
3: sit0: <NOARP> mtu 1480 qdisc noop state DOWN
link/sit 0.0.0.0 brd 0.0.0.0
5: he6@eth0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1280 qdisc noqueue state UNKNOWN
link/sit 192.168.0.4 peer 72.52.104.74
{root@gtoobox/pts/3}~# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link/ether 00:50:da:53:65:64 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.4/24 brd 192.168.0.255 scope global eth0
inet6 2001:db8:beef::1/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::250:daff:fe53:6564/64 scope link
valid_lft forever preferred_lft forever
3: sit0: <NOARP> mtu 1480 qdisc noop state DOWN
link/sit 0.0.0.0 brd 0.0.0.0
5: he6@eth0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1280 qdisc noqueue state UNKNOWN
link/sit 192.168.0.4 peer 72.52.104.74
inet6 2001:db8:1234:567::2/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::c0a8:4/128 scope link
valid_lft forever preferred_lft forever
{root@gtoobox/pts/3}~# ip tunnel show
sit0: ipv6/ip remote any local any ttl 64 nopmtudisc
he6: ipv6/ip remote 72.52.104.74 local 192.168.0.4 dev eth0 ttl 255
{root@gtoobox/pts/3}~# netstat -6 -rn
Kernel IPv6 routing table
Destination Next Hop Flag Met Ref Use If
::1/128 :: Un 0 1 24 lo
2001:db8:1234:567::/128 :: Un 0 1 0 lo
2001:db8:1234:567::2/128 :: Un 0 1 2 lo
2001:db8:1234:567::/64 :: Un 256 0 1 he6
2001:db8:beef::/128 :: Un 0 1 0 lo
2001:db8:beef::1/128 :: Un 0 1 23679 lo
2001:db8:beef::/64 :: U 256 0 0 eth0
fe80::/128 :: Un 0 1 0 lo
fe80::c0a8:4/128 :: Un 0 1 0 lo
fe80::250:daff:fe53:6564/128 :: Un 0 1 68233 lo
fe80::/64 :: U 256 0 0 eth0
fe80::/64 :: Un 256 0 0 he6
ff00::/8 :: U 256 0 0 eth0
ff00::/8 :: U 256 0 0 he6
::/0 2001:db8:1234:567::1 UG 1000 0 156 he6
::/0 :: !n -1 1 343 lo
{root@gtoobox/pts/3}~# ip -6 route show
2001:db8:1234:567::/64 via :: dev he6 proto kernel metric 256 mtu 1280 advmss 1220 hoplimit 4294967295
2001:db8:beef::/64 dev eth0 proto kernel metric 256 mtu 1280 advmss 1220 hoplimit 4294967295
fe80::/64 dev eth0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 via :: dev he6 proto kernel metric 256 mtu 1280 advmss 1220 hoplimit 4294967295
ff00::/8 dev eth0 metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
ff00::/8 dev he6 metric 256 mtu 1280 advmss 1220 hoplimit 4294967295
default via 2001:db8:1234:567::1 dev he6 metric 1000 mtu 1280 advmss 1220 hoplimit 4294967295
I also have radvd running to allow hosts on my LAN to automatically configure IPv6 addresses and get their IPv6 default gateways, etc. Here's the conf for that:
interface eth0
{
AdvSendAdvert on;
AdvLinkMTU 1280;
MaxRtrAdvInterval 300;
# advertise subnet 0 of our /48
prefix 2001:db8:beef::/64
{
AdvOnLink on;
AdvAutonomous on;
};
};
That needs to be added for startup too:
rc-update add radvd default
The Gentoo radvd startup script automatically does the "sysctl -w net.ipv6.conf.all.forwarding=1" thing to enable forwarding, but if you're not using radvd, you'll want to add the line "net.ipv6.conf.all.forwarding = 1" to your /etc/sysctl.conf file.
Of course, you'll also want to configure the ip6tables firewall so that your gateway and LAN aren't wide open to the internet, but that's a bit beyond the scope of what I wanted to share here.
(EDIT: Addresses anonymized for paranoia :) )
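A starting point for the ip6tables setup that the post above leaves out of scope, as an added example that is not part of the original thread: a default-deny ruleset in ip6tables-restore format for a gateway with the tunnel on he6 and the radvd-advertised prefix on eth0. The interface names and prefix are the ones in the post; the policy itself (which ICMPv6 types to accept, which LAN sources to trust) is an assumption.

```sh
#!/bin/sh
# Added example, not from the thread. Interface names and the LAN prefix are
# the ones in the post above; the policy choices are assumptions.
WAN_IF="${WAN_IF:-he6}"                        # 6in4 tunnel to the broker
LAN_IF="${LAN_IF:-eth0}"                       # side radvd advertises on
LAN_PREFIX="${LAN_PREFIX:-2001:db8:beef::/64}"

# Print a default-deny ruleset in ip6tables-restore format.
emit_ruleset() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
EOF
    # ICMPv6 errors and echo to the gateway itself. packet-too-big matters
    # here: path MTU discovery over the 1280-byte tunnel depends on it.
    for t in destination-unreachable packet-too-big time-exceeded \
             parameter-problem echo-request; do
        echo "-A INPUT -p ipv6-icmp --icmpv6-type $t -j ACCEPT"
    done
    # Neighbour discovery and router solicitations, LAN side only. They sit
    # above the INVALID drop because they are not tracked as connections.
    for t in router-solicitation neighbour-solicitation neighbour-advertisement; do
        echo "-A INPUT -i $LAN_IF -p ipv6-icmp --icmpv6-type $t -j ACCEPT"
    done
    # Nothing below accepts new traffic arriving on the tunnel: inbound
    # packets pass only as replies (or related errors) to LAN-initiated flows.
    cat <<EOF
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $LAN_IF -s $LAN_PREFIX -j ACCEPT
-A INPUT -i $LAN_IF -s fe80::/10 -j ACCEPT
-A FORWARD -m conntrack --ctstate INVALID -j DROP
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $LAN_IF -o $WAN_IF -s $LAN_PREFIX -j ACCEPT
COMMIT
EOF
}

# Check first, then load:
#   emit_ruleset | ip6tables-restore --test && emit_ruleset | ip6tables-restore
```

The FORWARD rule only lets out packets sourced from the advertised prefix, so spoofed or misconfigured LAN sources never reach the tunnel.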
Thanks for the info, got it running now. Additionally, to update the HE
tunnel endpoint, I have the following script
/etc/ppp/ip-up.d/95-update-he-tunnel-endpoint.sh that is executed each time
the ppp0 (with a new/changed dynamic ipv4 address) comes up (numbers in script
are not real):
#!/bin/sh
USER_ID='c85df26db6fc0e9de6e089421c2f0dbf'
TUNNEL_ID='12345'
URL='https://ipv4.tunnelbroker.net/ipv4_end.php'
PASS_MD5='da7175077c01a23ade5956b8a2bba90'
# wait for dns to come up
sleep 20
wget --spider --no-check-certificate \
  "${URL}?ipv4b=AUTO&pass=${PASS_MD5}&user_id=${USER_ID}&tunnel_id=${TUNNEL_ID}"
The sleep 20 is because I have a locally running nameserver as resolver that
restarts after ppp0 restarts, and I have to wait for it to resolve the above
URL to retrieve.
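The same update request with certificate validation left on, as an added example that is not the poster's script: credentials are read from a root-only file, values are checked before they go into the query string, and the fixed sleep becomes a bounded wait for DNS. The URL and parameter names are the ones in the post; the path /etc/he-tunnel.conf and its variable layout are assumptions.

```sh
#!/bin/sh
# Added example, not the poster's script. CONF and its layout are assumptions:
# a root-only file that sets USER_ID, TUNNEL_ID and PASS_MD5.
CONF="${CONF:-/etc/he-tunnel.conf}"      # hypothetical path
HOST='ipv4.tunnelbroker.net'
URL="https://${HOST}/ipv4_end.php"

# True only for a regular file with mode 0600 or 0400 (checked via ls -ld).
is_private_file() {
    [ -f "$1" ] || return 1
    case "$(ls -ld "$1")" in
        -r[-w]-------*) return 0 ;;
        *) return 1 ;;
    esac
}

# Accept only non-empty alphanumeric values, so a config value cannot add
# or change query parameters.
is_token() {
    case "$1" in
        ''|*[!0-9A-Za-z]*) return 1 ;;
        *) return 0 ;;
    esac
}

build_url() {  # $1=user_id $2=tunnel_id $3=pass_md5
    for v in "$1" "$2" "$3"; do is_token "$v" || return 1; done
    printf '%s?ipv4b=AUTO&pass=%s&user_id=%s&tunnel_id=%s\n' "$URL" "$3" "$1" "$2"
}

# Poll the resolver instead of a fixed sleep; give up after $2 seconds.
wait_for_dns() {
    i=0
    until getent hosts "$1" >/dev/null 2>&1; do
        i=$((i + 1))
        [ "$i" -lt "$2" ] || return 1
        sleep 1
    done
}

update_endpoint() {
    is_private_file "$CONF" || { echo "$CONF must be mode 0600" >&2; return 1; }
    . "$CONF"
    target=$(build_url "$USER_ID" "$TUNNEL_ID" "$PASS_MD5") || return 1
    wait_for_dns "$HOST" 60 || return 1
    # Certificate checking stays on, so the credentials in the query string
    # only ever go to a server that proves it is $HOST.
    wget --spider -q "$target"
}
```

In the ip-up.d hook, end the file with a call to update_endpoint.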
Here is how to get IPv6 over IPv4 with Gentoo and tunnelbroker.net and a dynamic IPv4 address from the provider, including a ppp-up script for updating when the dynamic IPv4 address changes:
http://www.fernmeldung.de/ipv6-with-gentoo-and-he-tunnel.html